<?php

require_once("database.php");

if($_GET and isset($_GET['h'])){
  $hash = sql_escape($_GET['h']);
  
  $result = query_select("
    SELECT a.id AS id, c.name AS city, a.date AS date, a.url AS url, a.price AS price, a.title AS title, a.location AS location, a.bedrooms AS rooms
    FROM user u, apartment a, city c
    WHERE u.hash = '" . $hash . "'
    AND u.default_city = a.city_id
    AND u.default_city = c.id
    ORDER BY date DESC
  ");
  
  $output = "<?xml version=\"1.0\" encoding=\"utf-8\"?>
    <rss version=\"2.0\">
      <channel>
        <title>lifeprice.com</title>
        <link>http://www.lifeprice.com</link>
        <description>apartment listings, data, and information from across the country</description>
        <language>en-us</language>
            ";
            
  foreach($result as $item) {
    $output .= "<item>";
    $output .= "<title>" . htmlentities($item['title']) . "</title>";
    $output .= "<link>" . htmlentities($item['url']) . "</link>";
    $output .= "<pubDate>" . date("D, d M Y H:i:s O",$item['date']) . "</pubDate>";
    
    $description = $item['title'] . ", " . $item['location'] . ", " . $item['city'] . "<br />";
    $description .= "Price: $" . $item['price'] . "<br />";
    $description .= "Bedrooms: " . $item['rooms'] . " rooms";
    
    $output .= "<description>" . htmlentities($description) . "</description>";
    $output .= "</item>\n";
  }
  $output .= "</channel></rss>";

  header("Content-Type: text/xml");
  echo $output;

}


?>